All my plugin php files, including wordfence files have had code added that starts with
<?php $crztyorxng = 'ff2!>!bssbz)%x5c%x7824]25
I have run wordfence and it reports my site is clean. I have had backups restord but either all files are infected or they are immediately re-infected.
Sucri also reports no issues.
Any suggestions where I go from here?